HIPAA, Telehealth, and Health Apps

Covered entities have long been aware of HIPAA requirements, but are you aware of the requirements as they pertain to telehealth, health apps and connected devices?

We can help your practice get up to date and prepared to minimize breach risks from third-party vendors. Subscribe to stay current and up to date on important matters that will impact your practice.  (To subscribe to our blog ).

As telehealth services are performed by covered entities, HIPAA rules govern.

However, health app developers aren’t usually covered entities under the HIPAA rules. The Federal Trade Commission (FTC) recently released a statement to offer guidance related to breaches as they pertain to health apps and connected devices.

The FTC stated in its statement (available HERE) that entities that aren’t covered by HIPAA still have accountability when consumers’ sensitive health information is compromised.

The FTC requires the companies who own various health apps and connected devices to provide notifications of breaches. The FTC’s breach notification rule is not new, but the statement was released to respond to the expansion of health apps.

Like under HIPAA, the FTC warned that a breach is not limited to a cybersecurity attack, but also includes unauthorized access.

To minimize the risk of breaches, the FTC recommends that health app developers:

  • Minimize data
  • Limit access and permissions
  • Keep authentication in mind
  • Implement security by design
  • and more.

If you are using telehealth for your patients, you need to make sure that you are following all HIPAA rules and regulations. We help our clients ensure that their telehealth services are in keeping with the HIPAA Security Rule.

If you have any telehealth questions or want to learn more about telehealth, make sure to tune into our webinar, Upcoming Changes to Telehealth Policies. We are partnering with The Physician Alliance on October 20, 2021 at 8:00 a.m. EST to bring you up to date information on telehealth. Register HERE.

Finally, we know you’re busy. Subscribe to our blog to get updates and news sent directly to your inbox!

We publish vital information on health law topics and news every Wednesday and Friday. To get this important information delivered directly to your mail box, 

Do you need help with updating your Business Associate Agreement or negotiating contracts with third-party vendors?  We can help. To contact us about your Business Associate Agreement, your vendor contracts or your other legal needs:  CLICK HERE.

Related Posts


Recent Posts

Getting Remarried? Here’s What You Need to Know
March 21, 2024
What is the Biggest Threat to Healthcare?
January 30, 2024
How Can I Simplify Estate Planning?
January 11, 2024
I Have a Trust. Now What?
December 7, 2023
Breaking: Corewell Health Breach
December 5, 2023


Subscribe to Our Newsletter

Subscribe and get your FREE copy of Easy Guide to HIPAA Risk Assessments

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment. (an $8.99 value)

Thank you for subscribing to the Rickard & Associates healthcare blog. You'll receive a confirmation email shortly. After verifying your subscription request, you'll be sent to the "Easy Guide to HIPAA Risk Assessments" download page.